Attackers can get root by crashing Ubuntu’s AccountsService
Attackers can get root by crashing Ubuntu’s AccountsService
Police arrests ransomware affiliate behind high-profile attacks
Bugs in billions of WiFi, Bluetooth chips allow password, data theft
Log4j: List of vulnerable products and vendor advisories
Google pushes emergency Chrome update to fix zero-day used in attacks
TinyNuke info-stealing malware is again attacking French users
Phishing campaign uses PowerPoint macros to drop Agent Tesla
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks.
Kronos is a workforce management and human resources provider who provides cloud-based solutions for managing timekeeping, payroll, employee benefits, analytics, and more. In 2020, Kronos merged with Ultimate Software to create a new company named UKG.
Kronos’ software is used by many companies, including car manufacturers, education institutions, and local governments. Some of the customers using Kronos include Tesla, Temple University, Community Bank, and the San Francisco Municipal Transit Authority,
Today, Kronos disclosed that the UKG solutions using the ‘Kronos Private Cloud’ are unavailable due to a weekend ransomware attack on December 11th.
“As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud,” disclosed Bob Hughes, Executive Vice President for UKG.
“We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud—the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed.”
UKG solutions that are not using the Kronos Private Cloud are unaffected, including UKG Pro, UKG Ready, and UKG Dimensions.
UKG describes Kronos Private Cloud (KPC) as a secure storage and server facility hosted at third-party data centers. This infrastructure is used to host their Workforce Central, Workforce TeleStaff, TeleTime IP, Enterprise Archive, Extensions for Healthcare (EHC), and the FMSI environments.
“Kronos offers a hosting environment built upon a secure infrastructure, which undergoes examinations from an independent auditor in accordance with the AICPA’s SSAE18 (i.e., SOC 1) and the American Institute of Certified Public Accountants’ TSP Section 100a, Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy (i.e., SOC 2 and SOC 3),” reads the description of the Kronos Private Cloud infrastructure.
According to Kronos, KPC is secured using firewalls, multi-factor authentication, and encrypted transmissions to prevent unauthorized access to their systems.
Unfortunately, the threat actors were able to breach these systems and likely encrypted servers as part of the attack.
Due to this, Kronos says their KPC solutions are not available and will likely take several weeks before systems become available again. During this time, they suggest customers “evaluate and implement alternative business continuity protocols related to the affected UKG solutions.”
While not much else is known about the attack, this disruption of services comes at a terrible time for customers getting ready for holiday vacations, bonus payments, and a limited workforce.
An affected customer has told BleepingComputer that they will now have to go back to using spreadsheets and paper and pencil to cut checks and monitor timekeeping for the time being.
BleepingComputer has reached out to UKG with further questions and will update the article when we receive a response.
The Week in Ransomware – December 10th 2021 – Project CODA
Hundreds of SPAR stores shut down, switch to cash after cyberattack
Marine services provider Swire Pacific Offshore hit by ransomware
Moses Staff hackers wreak havoc on Israeli orgs with ransomless encryptions
MediaMarkt hit by Hive ransomware, initial $240 million ransom
Not a member yet? Register Now
Hackers start pushing malware in worldwide Log4Shell attacks
Bugs in billions of WiFi, Bluetooth chips allow password, data theft
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Six million Sky routers exposed to takeover attacks for 17 months

US regulators order banks to report cyberattacks within 36 hoursHackers deploy Linux…

Phishing attacks impersonate Pfizer in fake requests for quotation

Microsoft warns of easy Windows domain takeover via Active Directory bugsUK govt…

Conti ransomware uses Log4j bug to hack VMware vCenter servers

TellYouThePass ransomware revived in Linux, Windows Log4j attacksCredit card info of 1.8…

Moses Staff hackers wreak havoc on Israeli orgs with ransomless encryptions

New Microsoft emergency updates fix Windows Server auth issues7 million Robinhood user…